The bill aims to enhance election security in Washington State by introducing new cybersecurity measures for county election offices. Key provisions include the mandatory adoption of the ".gov" top-level domain for all election-related websites and email communications, which is intended to reduce confusion and cyber threats. Additionally, the bill requires the partitioning of internal government networks to create a more secure environment for election infrastructure, ensuring that election-related systems are isolated from other county assets. It also mandates that vendors supporting county or state cyber assets must immediately report any breaches or successful cyber attacks to the Secretary of State and the Attorney General.

Furthermore, the bill amends existing laws to require that all voting systems and components used in elections receive prior approval from the Secretary of State. It establishes a framework for manufacturers and distributors of voting systems to disclose any security breaches immediately. Counties are also required to install intrusion detection systems to monitor for malicious activity continuously. By July 1, 2027, all counties must implement these cybersecurity measures, which include isolating ballot counting equipment from external networks and ensuring secure data transfer practices. The Secretary of State is tasked with consulting county auditors on the necessary systems to be partitioned and may extend compliance deadlines if needed.

Statutes affected:
Original Bill: 29A.12.050, 29A.12.020
Substitute Bill: 29A.12.050, 29A.12.020
Engrossed Substitute: 29A.12.050, 29A.12.020